Notepad++ have today confirmed their auto process was compromised by Chinese nation state threat actors, in a supply chain hack: notepad-plus-plus.org/news/hij…
This backs up my blog from late last year, with #GAYINT threat actor mapping to Funky Stamen.
The infrastructure and update mechanisms have since been tightened. For what it’s worth - entry was to telcos and financial services with interests aligned to China. Notepad++ dev did a great job treating issue seriously.
